• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

Switch from mod_php to php as cgi

P

popminister

Guest
It seems to be impossible to setup a secure mod_php environment because of some famous php-scripts which won't run with secure settings.

You can put the scripts into the open_basedir jail but if you don't use the option to disable functions like exec() or system() users still can browse through foreign directories. This is because of the fact that all scripts run from the same user account e.g. apache which has got the rights to access all users web directories.

So at the moment it seems for me to be the best solution to switch back to the cgi solution like it was used in confixx, which was my last controlpanel software.

The cgi-solution makes it impossible to run the scripts with the rights of the webuser and so the users can't access foreign directories.

But the question is: How can this be done with plesk? I need to modify the entries which plesk adds to all virtual host directives it writes into /etc/httpd/httpd.include.

Any ideas?

Thanks in advance

Popminister
 
There seem to be some other ideas on how to make php run secure in shared hosting environments:

Look here

But none of them is already advised to be ran in production environments.

Has anybody some better ideas or a solution?
 
Back
Top